t/htdocs/security/CAN-2004-0959.php (8 lines of code) (raw):

<?php if (array_key_exists('user_file', $_FILES) && is_uploaded_file($_FILES['user_file']['tmp_name'])) { print $_FILES['user_file']['name']; } else { print "FAILED"; } ?>